At one site I am reselling dsl and I received a few dmca notices identifying timestamps of bittorrent accessing certain movie files by name, size, and port. I need to implement a granular logging system that enables me to identify the culprits. The users are in vlans behind nat. I know that bittorrent may randomly operate on different ports.
Snort should assist me in matching the notices to individual users and devices. What will more immediately sniff and identify bittorrent users on the network when connected to a switch port set to monitor/promiscuous?
Snort should assist me in matching the notices to individual users and devices. What will more immediately sniff and identify bittorrent users on the network when connected to a switch port set to monitor/promiscuous?
Last edited: